Shop Management

Author: Josh S. Sakweli, Backend Lead Team
Last Updated: ~~2025-09-23~~2026-05-19
Version: ~~v1.~~v2.0

~~Base URL~~: https://api.nextgate.com/api/v1

Short Description: The Shop Management API provides ~~comprehensive~~ endpoints for creating, managing, and retrieving shop information ~~within~~on the NextGate platform. ~~This API handles~~Covers shop registration, updates, approvals, ~~categorization,~~WABA (WhatsApp Business) integration, AI chatbot toggling, and ~~includes~~conversation ~~integrated rating and review data for enhanced shop profiles.~~history.

Hints:

All shop ~~operations~~endpoints ~~require~~use ~~proper~~the ~~authentication~~prefix ~~via Bearer token~~api/v1/e-commerce/shops
Shop creation requires ~~valid~~authentication; ~~category~~public IDusers ~~and~~can ~~owner~~only ~~authentication~~read
Pagination uses 1-based page numbering ~~(page=1 for first page)~~
Shop approval operations require ~~SUPER_ADMIN~~ROLE_SUPER_ADMIN or ~~STAFF_ADMIN roles~~ROLE_STAFF_ADMIN
Featured shops are randomized on each request ~~for better discovery~~
Rating and review data is automatically included in shop responses (read-only — managed by separate review service)

WABA = WhatsApp Business Account integration for the shop's AI-powered chatbot

Standard Response Format

~~All API responses follow a consistent structure using our Globe Response Builder pattern:~~

Success Response Structure

{
  "success": true,
  "httpStatus": "OK",
  "message": "Operation completed successfully",
  "action_time": "2025-09-23T10:2026-05-19T10:30:45",
  "data": { // Actual response data goes here
  }
}

Error Responseresponses Structure

the same envelope with {
  "success": false,false "httpStatus":and "BAD_REQUEST",
  "message": "Error description",
  "action_time": "2025-09-23T10:30:45",
  "data": "Errorset description"to // or detailedthe error object
}

Standard Response Fields

~~Field~~	~~Type~~	~~Description~~
`success`	~~boolean~~	~~Always~~ `true` ~~for successful operations,~~ `false` ~~for errors~~
`httpStatus`	~~string~~	~~HTTP status name (OK, BAD_REQUEST, NOT_FOUND, etc.)~~
`message`	~~string~~	~~Human-readable~~ message ~~describing the operation result~~
`action_time`	~~string~~	~~ISO 8601 timestamp of when the response was generated~~
`data`	~~object/string~~	~~Response payload for success, error details for failures~~

string.

Endpoints

1. Create Shop

~~Purpose~~~~: Creates a new shop with all required information including owner details, category assignment, and location data~~

Endpoint: POST {base_url}/api/v1/e-commerce/shops

Access Level: 🔒 Protected ~~(Requires Bearer Token Authentication)~~

~~Authentication~~~~: Bearer Token~~

Request ~~Headers~~:

~~Header~~	~~Type~~	~~Required~~	~~Description~~
~~Authorization~~	~~string~~	~~Yes~~	~~Bearer token for authenticated user~~
~~Content-Type~~	~~string~~	~~Yes~~	~~application/json~~

~~Request JSON Sample~~:

{
  "shopName": "Mama Lucy's Restaurant",
  "shopDescription": "Authentic Tanzanian cuisine served with love in the heart of Dar es Salaam",
  "tagline": "Taste of home",
  "logoUrl": "https://example.com/logo.jpg",
  "bannerUrl": "https://example.com/banner.jpg",
  "shopImages": [
    "https://example.com/shop1.jpg",
    "https://example.com/shop2.jpg"
  ],
  "categoryId": "550e8400-e29b-41d4-a716-446655440000",
  "shopType": "HYBRID",
  "phoneNumber": "+255123456789",
  "email": "info@mamalucy.co.tz",
  "websiteUrl": "https://mamalucy.co.tz",
  "socialMediaLinks": [
    "https://facebook.com/mamalucy",
    "https://instagram.com/mamalucy"
  ],
  "address": "Msimbazi Street, Block 45",
  "city": "Dar es Salaam",
  "region": "Dar es Salaam",
  "postalCode": "12345",
  "countryCode": "TZ",
  "latitude": -6.7924,
  "longitude": 39.2083,
  "locationNotes": "Near the main bus stop",
  "businessRegistrationNumber": "REG123456",
  "taxNumber": "TAX789012",
  "licenseNumber": "LIC345678",
  "promotionText": "Grand opening - 20% off all meals!"
}

~~Request~~ Body ~~Parameters~~:

Parameter	Type	Required	Description	Validation
shopName	string	Yes	Name of the shop	Min: 2, Max: 100 ~~characters~~chars
shopDescription	string	Yes	Detailed description ~~of the shop~~	Max: 1000 ~~characters~~
~~categoryId~~	~~UUID~~	~~Yes~~	~~Shop category identifier~~	~~Must be valid category ID~~chars
phoneNumber	string	Yes	Contact phone ~~number~~	Pattern: `^\+?[0-9]{10,15}$`
city	string	Yes	City ~~location~~	Min: 2, Max: 50 ~~characters~~chars
region	string	Yes	Region/state ~~location~~	Min: 2, Max: 50 ~~characters~~
~~tagline~~	~~string~~	No	~~Short promotional tagline~~	~~Max: 50 characters~~chars
logoUrl	string	No	~~URL to shop~~Shop logo ~~image~~URL	~~Must be valid~~Valid URL, ~~Max:~~max 1000 chars
bannerUrl	string	No	~~URL to shop~~Shop banner ~~image~~URL	~~Must be valid~~Valid URL, ~~Max:~~max 1000 chars
shopImages	array	No	Array of shop image URLs	~~Each~~Valid ~~URL~~URLs, max 1000 chars
~~shopType~~	~~string~~	No	~~Type of shop~~	~~enum: PHYSICAL, ONLINE, HYBRID (default: HYBRID)~~each
email	string	No	~~Shop contact~~Contact email	~~Must be valid~~Valid email, ~~Max:~~max 100 chars
~~websiteUrl~~	~~string~~	No	~~Shop website URL~~	~~Must be valid URL, Max: 200 chars~~
~~socialMediaLinks~~	~~array~~	No	~~Array of social media URLs~~	~~Each URL max 500 chars~~
~~address~~	~~string~~	No	~~Street address~~	~~Max: 200 characters~~
~~postalCode~~	~~string~~	No	~~Postal/ZIP code~~	~~Max: 10 characters~~
countryCode	string	No	Country code	Max: 3 ~~chars~~chars, ~~(default:~~Default: `"TZ")`
streetAddress	string	No	Street address	Max: 255 chars
landmark	string	No	Landmark / location notes	Max: 300 chars
latitude	decimal	No	~~Latitude~~GPS ~~coordinate~~latitude	Range: -90.0 to 90.0
longitude	decimal	No	~~Longitude~~GPS ~~coordinate~~longitude	Range: -180.0 to 180.0
~~locationNotes~~	~~string~~	No	~~Additional location details~~	~~Max: 300 characters~~
~~businessRegistrationNumber~~	~~string~~	No	~~Business registration number~~	~~Max: 50 characters~~
~~taxNumber~~	~~string~~	No	~~Tax identification number~~	~~Max: 50 characters~~
~~licenseNumber~~	~~string~~	No	~~Business license number~~	~~Max: 50 characters~~
~~promotionText~~	~~string~~	No	~~Current promotion message~~	~~Max: 200 characters~~

~~Success~~Request JSON Sample:

{
  "shopName": "Mama Lucy's Restaurant",
  "shopDescription": "Authentic Tanzanian cuisine in the heart of Dar es Salaam",
  "phoneNumber": "+255123456789",
  "city": "Dar es Salaam",
  "region": "Dar es Salaam",
  "logoUrl": "https://example.com/logo.jpg",
  "bannerUrl": "https://example.com/banner.jpg",
  "shopImages": ["https://example.com/shop1.jpg"],
  "email": "info@mamalucy.co.tz",
  "countryCode": "TZ",
  "streetAddress": "Msimbazi Street, Block 45",
  "landmark": "Near the main bus stop",
  "latitude": -6.7924,
  "longitude": 39.2083
}

Response JSON Sample:

{
  "success": true,
  "httpStatus": "OK",
  "message": "Shop created successfully",
  "action_time": "2025-09-23T10:2026-05-19T10:30:45",
  "data": {
    "shopId": "123e4567-e89b-12d3-a456-426614174000",
    "shopName": "Mama Lucy's Restaurant",
    "shopSlug": "mama-lucys-restaurant",
    "shopDescription": "Authentic Tanzanian cuisine served with love in the heart of Dar es Salaam",
    cuisine..."tagline": "Taste of home",
    "logoUrl": "https://example.com/logo.jpg",
    "bannerUrl": "https://example.com/banner.jpg",
    "shopImages": [
      "https://example.com/shop1.jpg",
      "https://example.com/shop2.jpg"
    ],
    "ownerId": "456e7890-e89b-12d3-a456-426614174001",
    "ownerName": "Lucy Mwalimu",
    "categoryId": "550e8400-e29b-41d4-a716-446655440000",
    "categoryName": "Restaurant & Food",
    "shopType": "HYBRID",
    "status": "PENDING",
    "phoneNumber": "+255123456789",
    "email": "info@mamalucy.co.tz",
    "websiteUrl": "https://mamalucy.co.tz",
    "socialMediaLinks": [
      "https://facebook.com/mamalucy",
      "https://instagram.com/mamalucy"
    ],
    "address"streetAddress": "Msimbazi Street, Block 45",
    "city": "Dar es Salaam",
    "region": "Dar es Salaam",
    "postalCode": "12345",
    "countryCode": "TZ",
    "latitude": -6.7924,
    "longitude": 39.2083,
    "locationNotes"landmark": "Near the main bus stop",
    "businessRegistrationNumber": "REG123456",
    "taxNumber": "TAX789012",
    "licenseNumber": "LIC345678",
    "establishedYear": null,
    "isVerified": false,
    "verificationBadge": null,
    "trustScore": 0.00,
    "lastSeenTime": null,
    "isFeatured": false,
    "featuredUntil": null,
    "promotionText": "Grand opening - 20% off all meals!",
    "isApproved": true,
    "createdAt": "2025-09-23T10:2026-05-19T10:30:45",
    "updatedAt": "2025-09-23T10:2026-05-19T10:30:45",
    "approvedAt": null,
    "averageRating": null,
    "totalRatings": 0,
    "totalActiveReviews": 0,
    "reviews": []
  }
}

~~Success~~Error ~~Response Fields~~Responses:

400:

alreadyexists

401:

~~Field~~	~~Description~~
~~shopId~~	~~Unique identifier for the shop~~
~~shopSlug~~	~~URL-friendly version of shop~~Shop name
~~status~~	~~Shop~~Authentication ~~status~~required ~~(PENDING,~~ `422`: ~~ACTIVE,~~Validation ~~SUSPENDED,~~errors ~~CLOSED,~~ ~~UNDER_REVIEW)~~
~~isApproved~~	~~Whether shop has been approved by admin~~
~~averageRating~~	~~Average rating score (null if no ratings)~~
~~totalRatings~~	~~Total number of ratings received~~
~~totalActiveReviews~~	~~Number of active reviews~~
~~reviews~~	~~Array of review objects~~

2. Get All Shops (List)

~~Purpose~~~~: Retrieves all shops in the system without pagination~~

Endpoint: GET {base_url}/api/v1/e-commerce/shops/all

Access Level: 🌐 Public ~~(No authentication required)~~

~~Authentication~~:Returns ~~None~~

~~Success~~list ~~Response~~of ~~JSON Sample~~:

{
  "success": true,
  "httpStatus": "OK",
  "message": "Allall shops retrievedwith successfully",summary "action_time": "2025-09-23T10:30:45",
  "data": [
    {
      "shopId": "123e4567-e89b-12d3-a456-426614174000",
      "shopName": "Mama Lucy's Restaurant",
      "shopSlug": "mama-lucys-restaurant",
      "averageRating": 4.5,
      "totalRatings": 25,
      "totalActiveReviews": 12,
      "topReviews": [
        {
          "reviewId": "rev-123",
          "userName": "John Doe",
          "reviewText": "Amazing foodinfo and greattop service!",5 "createdAt":reviews "2025-09-22T14:30:00"per }
      ]
    }
  ]
}

shop.

3. Get All Shops (Paginated)

~~Purpose~~~~: Retrieves all shops with pagination support for better performance~~

Endpoint: GET {base_url}/api/v1/e-commerce/shops/all-paged

Access Level: 🌐 Public ~~(No authentication required)~~

~~Authentication~~~~: None~~

Query Parameters:

Parameter	Type	~~Required~~Default	Description	~~Validation~~	~~Default~~
page	integer	No1	Page number (1-based)	~~Min: 1~~	1
size	integer	No10	~~Number of items~~Items per page	~~Min:~~(max: ~~1, Max: 100~~	10100)

~~Success~~ Response JSON Sample:

{
  "success": true,
  "httpStatus": "OK",
  "message": "Shops retrieved successfully",
  "action_time": "2025-09-23T10:2026-05-19T10:30:45",
  "data": {
    "shops": [ { "shopId":...ShopSummary fields..."123e4567-e89b-12d3-a456-426614174000",
        "shopName": "Mama Lucy's Restaurant",
        "averageRating": 4.5,
        "totalRatings": 25,
        "city": "Dar es Salaam",
        "region": "Dar es Salaam" } ],
    "currentPage": 1,
    "pageSize": 10,
    "totalElements": 150,
    "totalPages": 15,
    "hasNext": true,
    "hasPrevious": false,
    "isFirst": true,
    "isLast": false
  }
}

4. Update Shop

~~Purpose~~~~: Updates shop information (only shop owners can update their shops)~~

Endpoint: PUT {base_url}/api/v1/e-commerce/shops/{shopId}

Access Level: 🔒 Protected (Shop Owner ~~Only)~~

~~Authentication~~~~: Bearer Token~~only)

Path Parameters:

Parameter	Type	~~Required~~	Description	~~Validation~~
shopId	UUID	~~Yes~~	~~Unique identifier~~ID of the shop	~~Must be valid UUID~~

~~Request~~All ~~Headers~~:

request bodyfieldsareoptional—onlyprovidedfieldsare

~~Header~~	~~Type~~	~~Required~~	~~Description~~
~~Authorization~~	~~string~~	~~Yes~~	~~Bearer token for authenticated user~~
~~Content-Type~~	~~string~~	~~Yes~~	~~application/json~~

~~Request JSON Sample~~:

{
	"shopName": "Mama Juma's Kitchen - Tabora",
	"shopDescription": "Authentic Tanzanian cuisine with fresh ingredients and traditional recipes passed down through generations. We specialize in local dishes like ugali, nyama choma, and pilau.",
	"logoUrl": "https://example.com/images/mama-juma-logo.jpg",
	"categoryId": "fec6a097-612c-470c-af4f-4807e24bef9a",
	"phoneNumber": "+255712345678",
	"city": "Dar es Salaam",
	"region": "Dar es Salaam",
	"tagline": "Taste of Home",
	"shopImages": [
		"https://example.com/images/shop-front.jpg",
		"https://example.com/images/kitchen.jpg"
	],
	"bannerUrl": "https://example.com/images/banner.jpg",
	"shopType": "ONLINE",
	"email": "info@mamajuma.co.tz",
	"websiteUrl": "https://mamajuma.co.tz",
	"socialMediaLinks": [
		"https://facebook.com/mamajuma",
		"https://instagram.com/mamajuma"
	],
	"address": "123 Msimbazi Street, Kariakoo",
	"postalCode": "11101",
	"businessRegistrationNumber": "VRI19939",
	"taxNumber": "TAX9482",
	"countryCode": "TZ",
	"latitude": -6.8160,
	"longitude": 39.2803,
	"locationNotes": "Near Kariakoo Market, opposite the blue building",
	"promotionText": "Free delivery within 5km for orders above 20,000 TSH"
}

~~Request Body Parameters~~:updated:

Parameter	Type	~~Required~~	~~Description~~	Validation
shopName	string	No	~~Updated shop name~~	Min: 2, Max: 100 ~~characters~~chars
shopDescription	string	No	~~Updated description~~	Max: 1000 ~~characters~~
~~tagline~~	~~string~~	No	~~Updated tagline~~	~~Max: 50 characters~~chars
logoUrl	string	No	~~Updated logo URL~~	~~Must be valid~~Valid URL
bannerUrl	string	No	~~Updated banner URL~~	~~Must be valid~~Valid URL
shopImages	array	No	~~Updated shop images~~	~~Array of valid~~Valid URLs
~~categoryId~~	~~UUID~~	No	~~Updated category~~	~~Must be valid category ID~~
~~shopType~~	~~string~~	No	~~Updated shop type~~	~~enum: PHYSICAL, ONLINE, HYBRID~~
phoneNumber	string	No	~~Updated phone number~~	~~Pattern:~~ `^\+?[0-9]{10,15}$`
email	string	No	~~Updated email~~	~~Must be valid~~Valid email
~~websiteUrl~~streetAddress	string	No	~~Updated website URL~~	~~Must be valid URL~~
~~socialMediaLinks~~	~~array~~	No	~~Updated social media links~~	~~Array of valid URLs~~
~~address~~	~~string~~	No	~~Updated address~~	Max: ~~200~~255 ~~characters~~chars
city	string	No	~~Updated city~~	Min: 2, Max: 50 ~~characters~~chars
region	string	No	~~Updated region~~	Min: 2, Max: 50 ~~characters~~
~~postalCode~~	~~string~~	No	~~Updated postal code~~	~~Max: 10 characters~~chars
countryCode	string	No	~~Updated country code~~	Max: 3 ~~characters~~chars
latitude	decimal	No	~~Updated latitude~~	~~Range:~~ -90.0 to 90.0
longitude	decimal	No	~~Updated longitude~~	~~Range:~~ -180.0 to 180.0
~~locationNotes~~landmark	string	No	~~Updated location notes~~	Max: 300 ~~characters~~
~~promotionText~~	~~string~~	No	~~Updated promotion text~~	~~Max: 200 characters~~chars

~~Success~~Response: ~~Response~~Full ~~JSON~~ShopResponse ~~Sample~~(same shape as Create response)

Error Responses:


{
  "success"400: true,Not "httpStatus"the shop owner, or shop is deleted

401: "OK",Authentication "message"required

404: "Shop updatednot successfully",found
"action_time": "2025-09-23T10:30:45",
  "data": {
    "shopId": "123e4567-e89b-12d3-a456-426614174000",
    "shopName": "Mama Lucy's Premium Restaurant",
    "shopSlug": "mama-lucys-premium-restaurant",
    "updatedAt": "2025-09-23T10:30:45"
  }
}

5. Get Shop by ID (Summary)

~~Purpose~~~~: Retrieves basic shop information by shop ID~~

Endpoint: GET {base_url}/api/v1/e-commerce/shops/{shopId}

Access Level: 🌐 Public ~~(No authentication required)~~

~~Authentication~~:Returns ~~None~~

ShopSummaryListResponse

~~Path~~— ~~Parameters~~:

public-facing fieldsincludingtop

~~Parameter~~	~~Type~~	~~Required~~	~~Description~~	~~Validation~~
~~shopId~~	~~UUID~~	~~Yes~~	~~Unique identifier of the shop~~	~~Must be valid UUID~~

~~Success Response JSON Sample~~:

{
  "success": true,
  "httpStatus": "OK",
  "message": "Shop retrieved successfully",
  "action_time": "2025-09-23T10:30:45",
  "data": {
    "shopId": "123e4567-e89b-12d3-a456-426614174000",
    "shopName": "Mama Lucy's Restaurant",
    "shopSlug": "mama-lucys-restaurant",
    "shopDescription": "Authentic Tanzanian cuisine",
    "logoUrl": "https://example.com/logo.jpg",
    "averageRating": 4.5,
    "totalRatings": 25,
    "totalActiveReviews": 12,
    "city": "Dar es Salaam",
    "region": "Dar es Salaam",
    "isVerified": false,
    "trustScore": 8.5 }reviews }and

rating.

6. Get Shop by ID (Detailed)

~~Purpose~~~~: Retrieves complete shop information including sensitive business details (owner/admin access only)~~

Endpoint: GET {base_url}/api/v1/e-commerce/shops/{shopId}/detailed

Access Level: 🔒 Protected (Shop Owner or ~~Admin Only)~~Admin)

~~Authentication~~:Returns ~~Bearer~~full ~~Token~~ShopResponse including all reviews and management fields.

~~Path Parameters~~:

~~Parameter~~	~~Type~~	~~Required~~	~~Description~~	~~Validation~~
~~shopId~~	~~UUID~~	~~Yes~~	~~Unique identifier of the shop~~	~~Must be valid UUID~~

~~Request Headers~~:

~~Header~~	~~Type~~	~~Required~~	~~Description~~
~~Authorization~~	~~string~~	~~Yes~~	~~Bearer token for authenticated user~~

~~Success Response JSON Sample~~:

{
  "success": true,
  "httpStatus": "OK",
  "message": "Shop retrieved successfully",
  "action_time": "2025-09-23T10:30:45",
  "data": {
    "shopId": "123e4567-e89b-12d3-a456-426614174000",
    "shopName": "Mama Lucy's Restaurant",
    "businessRegistrationNumber": "REG123456",
    "taxNumber": "TAX789012",
    "licenseNumber": "LIC345678",
    "averageRating": 4.5,
    "totalRatings": 25,
    "reviews": [
      {
        "reviewId": "rev-123",
        "userName": "John Doe",
        "reviewText": "Amazing food!",
        "status": "ACTIVE",
        "createdAt": "2025-09-22T14:30:00"
      }
    ]
  }
}

7. Get My Shops

~~Purpose~~~~: Retrieves all shops owned by the authenticated user~~

Endpoint: GET {base_url}/api/v1/e-commerce/shops/my-shops

Access Level: 🔒 Protected ~~(Authenticated User Only)~~

~~Authentication~~:Returns ~~Bearer~~all ~~Token~~

shops

~~Request~~owned ~~Headers~~:

by (ShopSummaryListResponse

~~Header~~	~~Type~~	~~Required~~	~~Description~~
~~Authorization~~	~~string~~	~~Yes~~	~~Bearer token for~~the authenticated user

~~Success Response JSON Sample~~:list).

{
  "success": true,
  "httpStatus": "OK",
  "message": "My shops retrieved successfully",
  "action_time": "2025-09-23T10:30:45",
  "data": [
    {
      "shopId": "123e4567-e89b-12d3-a456-426614174000",
      "shopName": "Mama Lucy's Restaurant",
      "status": "ACTIVE",
      "isApproved": true,
      "averageRating": 4.5,
      "totalRatings": 25,
      "createdAt": "2025-09-20T10:30:45"
    }
  ]
}

8. Get My Shops (Paginated)

~~Purpose~~~~: Retrieves user's shops with pagination support~~

Endpoint: GET {base_url}/api/v1/e-commerce/shops/my-shops-paged

Access Level: 🔒 Protected ~~(Authenticated User Only)~~

~~Authentication~~Query Parameters:

Parameter	Default	Description
page	1	Page number (1-based)
size	10	Items per page (max: 100)

9. Approve / Reject Shop

Endpoint: ~~Bearer~~PATCH ~~Token~~api/v1/e-commerce/shops/{shopId}/approve-shop

Access Level: 🔒 Protected (ROLE_SUPER_ADMIN or ROLE_STAFF_ADMIN)

Query Parameters:

Parameter	Type	Required	Description	~~Validation~~	~~Default~~
~~page~~	~~integer~~	No	~~Page number (1-based)~~	~~Min: 1~~	1
~~size~~	~~integer~~	No	~~Number of items per page~~	~~Min: 1, Max: 100~~	10

~~Request Headers~~:

~~Header~~	~~Type~~	~~Required~~	~~Description~~
~~Authorization~~	~~string~~	~~Yes~~	~~Bearer token for authenticated user~~

9. Approve Shop

~~Purpose~~~~: Approve or reject a shop (admin operation)~~

~~Endpoint~~: ~~PATCH~~ {base_url}/shops/{shopId}/approve-shop

~~Access Level~~~~: 🔒 Protected (Super Admin or Staff Admin Only)~~

~~Authentication~~~~: Bearer Token~~

~~Path Parameters~~:

~~Parameter~~	~~Type~~	~~Required~~	~~Description~~	~~Validation~~
~~shopId~~	~~UUID~~	~~Yes~~	~~Unique identifier of the shop~~	~~Must be valid UUID~~

~~Query Parameters~~:

~~Parameter~~	~~Type~~	~~Required~~	~~Description~~	~~Validation~~	~~Default~~
approve	boolean	Yes	~~Whether~~`true` to ~~approve~~approve, ~~(true)~~`false` orto reject ~~(false)~~	~~Must be boolean~~	-

~~Request Headers~~:

~~Header~~	~~Type~~	~~Required~~	~~Description~~
~~Authorization~~	~~string~~	~~Yes~~	~~Bearer token for admin user~~

~~Success~~ Response JSON Sample:

{
  "success": true,
  "httpStatus": "OK",
  "message": "Shop approval status changed successfully",
  "action_time": "2025-09-23T10:2026-05-19T10:30:45",
  "data": {
    "shopId": "123e4567-e89b-12d3-a456-426614174000",
    "shopName": "Mama Lucy's Restaurant",
    "isApproved": true,
    "approvedAt": "2025-09-23T10:2026-05-19T10:30:45"
  }
}

10. Get Featured Shops by Category

~~Purpose~~~~: Retrieves all shops in a specific category~~

Endpoint: GET {base_url}/api/v1/e-commerce/shops/category/{categoryId}featured

Access Level: 🌐 Public

Returns up to 20 randomly selected featured shops (NoShopSummaryListResponse ~~authentication~~list).

~~required)~~

11. Get Featured Shops (Paginated)

Endpoint: GET api/v1/e-commerce/shops/featured-paged

~~Authentication~~Access Level: ~~None~~🌐 Public

~~Path~~Query Parameters:

Parameter	Default	Description
page	1	Page number
size	10	Items per page (max: 100)

12. Search Shops

Endpoint: GET api/v1/e-commerce/shops/search

Access Level: 🌐 Public

Query Parameters:

~~validUUID~~

Parameter	Type	Required	~~Description~~Default	~~Validation~~Description
~~categoryId~~q	~~UUID~~string	~~Yes~~No	~~Unique identifier of the shop category~~—	~~Must~~Search bequery
page	integer	No	1	Page number
size	integer	No	10	Items per page

~~Success~~ Response JSON Sample:

{
  "success": true,
  "httpStatus": "OK",
  "message": "Shops by category retrieved successfully",
  "action_time": "2025-09-23T10:2026-05-19T10:30:45",
  "data": [
    {
    "shopId": "123e4567-e89b-12d3-a456-426614174000",
      "shopName": "Mama Lucy's Restaurant",
      "categoryName": "Restaurant & Food",
      "averageRating": 4.5,
      "city": "Dar es Salaam"
    }
  ]
}

11. Get Shops by Category (Paginated)

~~Purpose~~~~: Retrieves shops in a category with pagination~~

~~Endpoint~~: ~~GET~~ {base_url}/shops/category/{categoryId}/paged

~~Access Level~~~~: 🌐 Public (No authentication required)~~

~~Authentication~~~~: None~~

~~Path Parameters~~:

~~Parameter~~	~~Type~~	~~Required~~	~~Description~~	~~Validation~~
~~categoryId~~	~~UUID~~	~~Yes~~	~~Unique identifier of the shop category~~	~~Must be valid UUID~~

~~Query Parameters~~:

~~Parameter~~	~~Type~~	~~Required~~	~~Description~~	~~Validation~~	~~Default~~
~~page~~	~~integer~~	No	~~Page number (1-based)~~	~~Min: 1~~	1
~~size~~	~~integer~~	No	~~Number of items per page~~	~~Min: 1, Max: 100~~	10

12. Get Featured Shops

~~Purpose~~~~: Retrieves randomly selected featured shops (up to 20 shops)~~

~~Endpoint~~: ~~GET~~ {base_url}/shops/featured

~~Access Level~~~~: 🌐 Public (No authentication required)~~

~~Authentication~~~~: None~~

~~Success Response JSON Sample~~:

{
  "success": true,
  "httpStatus": "OK",
  "message": "Featured shops retrieved successfully",
  "action_time": "2025-09-23T10:30:45",
  "data"content": [ { "shopId":...ShopSearchResponse fields..."123e4567-e89b-12d3-a456-426614174000",
      "shopName": "Mama Lucy's Restaurant",
      "averageRating": 4.5,
      "totalRatings": 25,
      "city": "Dar es Salaam",
      "isVerified": true } ],
    "totalElements": 8,
    "totalPages": 1,
    "currentPage": 1,
    "pageSize": 10,
    "hasNext": false,
    "hasPrevious": false
  }
}

13. Get FeaturedShop ShopsSummary (Paginated)Stats

~~Purpose~~~~: Retrieves featured shops with pagination (randomized on each request)~~

Endpoint: GET {base_url}/shops/featured-paged

~~Access Level~~~~: 🌐 Public (No authentication required)~~

~~Authentication~~~~: None~~

~~Query Parameters~~:

~~Parameter~~	~~Type~~	~~Required~~	~~Description~~	~~Validation~~	~~Default~~
~~page~~	~~integer~~	No	~~Page number (1-based)~~	~~Min: 1~~	1
~~size~~	~~integer~~	No	~~Number of items per page~~	~~Min: 1, Max: 100~~	10

14. Get Shop Summary Statistics

~~Purpose~~~~: Retrieves comprehensive statistics including ratings, reviews, and user activities for a shop~~

~~Endpoint~~: ~~GET~~ {base_url}/api/v1/e-commerce/shops/{shopId}/summary-stats

Access Level: 🌐 Public

~~(No~~

Returns ~~authentication~~aggregated ~~required)~~review and rating statistics for a shop, including per-user activity.

~~Authentication~~~~: None~~

~~Path Parameters~~:

~~Parameter~~	~~Type~~	~~Required~~	~~Description~~	~~Validation~~
~~shopId~~	~~UUID~~	~~Yes~~	~~Unique identifier of the shop~~	~~Must be valid UUID~~

~~Success~~ Response JSON Sample:

{
  "success": true,
  "httpStatus": "OK",
  "message": "Shop summary stats retrieved successfully",
  "action_time": "2025-09-23T10:30:45",
  "data": {
    "shopId": "123e4567-e89b-12d3-a456-426614174000",
    "shopName": "Mama Lucy's Restaurant",
    "averageRating": 4.5,
    "totalRatings": 25,
    "ratingDistribution": { "1": 1, "2": 2, "3": 5, "4": 7, "5": 10 },
    "totalReviews": 15,
    "activeReviews": 12,
    "hiddenReviews": 2,
    "flaggedReviews": 1,
    "userActivities": [
      {
        "userId": "user-123",
        "userName": "John Doe",
        "reviewId"feedbackId": "rev-123",
        "reviewText": "Amazing food and service!",
        "reviewStatus": "ACTIVE",
        "reviewDate": "2025-09-22T14:30:00",
        "ratingId": "rat-123",
        "ratingValue": 5,
        "ratingDate"date": "2025-09-22T14:35:2026-05-19T14:30:00",
        "hasReview": true,
        "hasRating": true
      }
    ]
  }
}

14. WABA (WhatsApp Business) Integration

WABA allows shops to receive and respond to WhatsApp customer messages via an AI-powered chatbot. The flow is: shop registers a WABA → admin approves with Meta credentials → shop toggles AI on/off and monitors conversation history.

~~Success~~Base ~~Response~~path ~~Fields~~for all WABA endpoints: api/v1/e-commerce/shops/{shopId}/waba

Shared Path Parameter:

~~identifier~~

~~Field~~Parameter	Type	Description
shopId	~~Unique~~UUID	ID of the shop

14a. Register WABA

Purpose: Shop owner submits a WhatsApp number and display name to begin WABA registration.

Endpoint: POST api/v1/e-commerce/shops/{shopId}/waba/register

Access Level: 🔒 Protected (Shop Owner)

Request Body:

of~~the~~

Parameter	Type	Required	Validation
~~shopName~~phoneNumber	~~Name~~string	Yes	Max: ~~shop~~20 chars
~~averageRating~~displayName	~~Average rating score (1-5)~~
~~totalRatings~~string	~~Total number of ratings received~~
~~ratingDistribution~~Yes	~~Count~~Max: of100 ~~ratings by star value (1-5)~~
~~totalReviews~~	~~Total number of reviews (all statuses)~~
~~activeReviews~~	~~Number of active/visible reviews~~
~~hiddenReviews~~	~~Number of hidden reviews~~
~~flaggedReviews~~	~~Number of flagged reviews~~
~~userActivities~~	~~Array of combined user review and rating activities~~
~~userActivities.hasReview~~	~~Whether user has written a review~~
~~userActivities.hasRating~~	~~Whether user has given a rating~~chars

Standard Error Types and Responses

Application-Level Exceptions (400-499)

400 BAD_REQUEST~~: General invalid request data, random exceptions, or item already exists~~

401 UNAUTHORIZED~~: Authentication issues (empty, invalid, expired, or malformed tokens)~~

403 FORBIDDEN~~: Access denied, permission issues, verification failures, expired invitations~~

404 NOT_FOUND~~: Requested resource does not exist~~

422 UNPROCESSABLE_ENTITY~~: Validation errors with detailed field information~~

429 TOO_MANY_REQUESTS~~: Rate limit exceeded~~

Server-Level Exceptions (500+)

500 INTERNAL_SERVER_ERROR~~: Unexpected server errors~~

~~Error~~Request ~~Response~~JSON ~~Examples~~Sample:

{
  "phoneNumber": "+255712345678",
  "displayName": "Mama Lucy's Restaurant"
}

14b. Approve WABA

Purpose: Admin approves a pending WABA registration by supplying Meta WABA credentials.

Endpoint: PATCH api/v1/e-commerce/shops/{shopId}/waba/approve

Access Level: 🔒 Protected (ROLE_SUPER_ADMIN or ROLE_STAFF_ADMIN)

Request Body:

Parameter	Type	Required	Validation
wabaId	string	Yes	Max: 64 chars (Meta WABA ID)
phoneNumberId	string	Yes	Max: 64 chars (Meta Phone Number ID)
phoneNumber	string	Yes	Max: 20 chars

14c. Resubmit WABA

Purpose: Shop ~~Already~~owner ~~Exists~~resubmits a rejected or pending WABA with corrected info.

Endpoint: PATCH api/v1/e-commerce/shops/{shopId}/waba/resubmit

Access Level: 🔒 Protected (~~400)~~Shop Owner)

Request Body:

Parameter	Type	Validation
phoneNumber	string	Max: 20 chars
displayName	string	Max: 100 chars

14d. Admin Update WABA

Purpose: Admin updates Meta credentials on an existing WABA account.

Endpoint: PATCH api/v1/e-commerce/shops/{shopId}/waba/admin-update

Access Level: 🔒 Protected (ROLE_SUPER_ADMIN or ROLE_STAFF_ADMIN)

Same request body as Resubmit WABA.

14e. Update WABA Status

Purpose: Admin changes the status of a WABA account (e.g., suspend or reactivate).

Endpoint: PATCH api/v1/e-commerce/shops/{shopId}/waba/status

Access Level: 🔒 Protected (ROLE_SUPER_ADMIN or ROLE_STAFF_ADMIN)

Query Parameters:

Parameter	Type	Required	Description
status	ShopWabaStatus	Yes	`PENDING`, `ACTIVE`, `SUSPENDED`, `REJECTED`

14f. Toggle AI Chatbot

Purpose: Shop owner enables or disables the AI chatbot for their WABA.

Endpoint: PATCH api/v1/e-commerce/shops/{shopId}/waba/toggle-ai

Access Level: 🔒 Protected (Shop Owner)

Query Parameters:

Parameter	Type	Required	Description
enabled	boolean	Yes	`true` to enable, `false` to disable

Response JSON Sample:

{
  "success": false,
  "httpStatus": "BAD_REQUEST",true,
  "message": "ShopAI withenabled this name already exists",
  "action_time": "2025-09-23T10:30:45"successfully",
  "data": {
    "ShopshopId": with"...",
    this"aiEnabled": nametrue,
    already"updatedAt": exists""2026-05-19T11:00:00"
  }
}

14g. Get WABA Conversations

~~Unauthorized~~Purpose: -Retrieves ~~Token~~paginated ~~Issues~~WhatsApp conversation sessions for the shop.

Endpoint: GET api/v1/e-commerce/shops/{shopId}/waba/conversations

Access Level: 🔒 Protected (~~401)~~Shop Owner or Admin)

Query Parameters:

Parameter	Default	Description
page	1	Page number
size	10	Items per page

Response JSON Sample:

{
  "success": false,
  "httpStatus": "UNAUTHORIZED",true,
  "message": "TokenConversations has expired",
  "action_time": "2025-09-23T10:30:45"retrieved",
  "data": {
    "Tokencontent": has[ expired"{ "...WabaSessionResponse fields..." } ],
    "currentPage": 1,
    "pageSize": 10,
    "totalElements": 42,
    "totalPages": 5,
    "hasNext": true,
    "hasPrevious": false
  }
}

14h. Get Session Messages

Purpose: Retrieves paginated messages within a specific conversation session.

Endpoint: GET api/v1/e-commerce/shops/{shopId}/waba/conversations/{sessionId}/messages

Access ~~Denied~~Level: -🔒 Protected (Shop Owner or Admin)

Additional Path Parameter:

Parameter	Type	Description
sessionId	UUID	ID of the conversation session

Query Parameters:

Parameter	Default	Description
page	1	Page number
size	20	Items per page

14i. Get Session Messages by Date Range

Purpose: Retrieves messages in a session filtered by date range.

Endpoint: GET api/v1/e-commerce/shops/{shopId}/waba/conversations/{sessionId}/messages/by-date

Access Level: 🔒 Protected (Shop Owner or Admin)

Additional Path Parameter:

Parameter	Type	Description
sessionId	UUID	ID of the conversation session

Query Parameters:

Parameter	Type	Required	Description
from	LocalDateTime	Yes	Start datetime (ISO 8601)
to	LocalDateTime	Yes	End datetime (ISO 8601)
page	integer	No	Default: 1
size	integer	No	Default: 20

Quick Reference

Enums

ShopStatus: PENDING, ACTIVE, SUSPENDED, CLOSED, UNDER_REVIEW

ShopType: PHYSICAL, ONLINE, HYBRID

VerificationBadge: BRONZE, SILVER, GOLD, PREMIUM

ShopWabaStatus: PENDING, ACTIVE, SUSPENDED, REJECTED

Error Response Codes

~~(403):~~

~~"success": false, "httpStatus": "FORBIDDEN", "message": "Access denied: Insufficient permissions", "action_time": "2025-09-23T10:30:45", "data": "Access denied: Insufficient permissions" }~~

~~Shop Not Found (404):~~

{
  "success": false,
  "httpStatus": "NOT_FOUND",
  "message": "Shop

"action_time":"2025-09-23T10:30:45","data":"Shop}

Code	Meaning
`400`	Business logic violation or item already exists
`401`	Authentication required or token invalid/expired
`403`	Insufficient ~~Permissions~~permissions
`{404`	Resource not ~~found",~~found
`422`	Field-level ~~not~~validation ~~found"~~errors

~~Category Not Found (404):~~

{
  "success": false,
  "httpStatus": "NOT_FOUND",
  "message": "Shop category not found",
  "action_time": "2025-09-23T10:30:45",
  "data": "Shop category not found"
}

~~User Not Authenticated (404):~~

{
  "success": false,
  "httpStatus": "NOT_FOUND",
  "message": "User not authenticated",
  "action_time": "2025-09-23T10:30:45",
  "data": "User not authenticated"
}

Validation Error (422):

{ "success": false, "httpStatus": "UNPROCESSABLE_ENTITY", "message": "Validation failed", "action_time": "2025-09-23T10:30:45", "data": { "shopName": "Shop name must be between 2 and 100 characters", "phoneNumber": "Phone number must be between 10-15 digits and may start with +", "email": "Email must be valid" } }

~~Random~~
Access ~~Business~~Control ~~Logic Error (400):~~

{ "success": false, "httpStatus": "BAD_REQUEST", "message": "Only shop owners can update their shops", "action_time": "2025-09-23T10:30:45", "data": "Only shop owners can update their shops" }

~~Cannot Update Deleted Shop (400):~~

{ "success": false, "httpStatus": "BAD_REQUEST", "message": "Cannot update a deleted shop", "action_time": "2025-09-23T10:30:45", "data": "Cannot update a deleted shop" }

~~Data Models and Enums~~

~~Shop Status Enum~~Summary
approve/rejectshops,approve/update/status

~~Value~~Role ~~Description~~Capabilities

PENDINGPublic ~~Awaiting~~Read ~~admin~~shops, ~~approval~~search, featured, summary stats
Authenticated user All public + create shop, view own shops
Shop Owner All authenticated + update own shop, WABA management, view conversations

ACTIVEROLE_SUPER_ADMIN / ROLE_STAFF_ADMIN ~~Active~~All ~~and~~+ ~~operational~~

SUSPENDED ~~Temporarily suspended by admin~~
CLOSED ~~Permanently closed/inactive~~
UNDER_REVIEW ~~Under admin review for policy violations~~WABA

~~Shop~~WABA ~~Type~~Registration ~~Enum~~Flow

1.
POST /{shopId}/waba/register — shop owner submits
~~Value~~ ~~Description~~
PHYSICAL ~~Physical store only (brick-and-mortar)~~
ONLINE ~~Online store only (e-commerce)~~
HYBRID ~~Both physical and online presence~~
Verification Badge Enum displayname2.PATCHPATCH/{shopId}/waba/toggle-ai Value Description BRONZE Basic verification (documents verified) SILVER Enhanced verification (business registrationphone + documents) GOLD Premium/{shopId}/waba/approve verification— (fulladmin compliancesupplies Meta wabaId + goodphoneNumberId track3. record) PREMIUM Highest level (partner status + excellent performance) Review Status Enum (from related services) Value Description ACTIVE Review is visible and active HIDDEN Review is hidden from public view FLAGGED Review has been flagged for review DELETED Review has been deleted Business Rules and Logic Shop Creation Rules Shop name must be unique across all active shops Shop slug is automatically generated from— shop nameowner andenables mustAI bechatbot unique 4. NewGET shops/{shopId}/waba/conversations are— automatically set to PENDING status Shopshop owner ismonitors automaticallycustomer set to the authenticated user Shop approval is automatically set to true in current implementation Default country code is "TZ" (Tanzania) Default shop type is "HYBRID" Shop Update Rules Only shop owners can update their own shops Shop name changes trigger automatic slug regeneration Deleted shops cannot be updated Category ID must exist and be valid Phone number and email validation applies on updates Shop Approval Rules Only users with ROLE_SUPER_ADMIN or ROLE_STAFF_ADMIN can approve shops Approval status change is tracked with timestamp and admin user Approved shops can be featured in search results Access Control Rules Public endpoints: Shop listings, shop details (summary), categories, featured shops Authenticated user: Create shop, update own shop, view own shops Admin only: Approve/reject shops, view detailed shop information for all shops Owner/Admin only: View detailed shop information with business details Rating and Review Integration Shop responses automatically include rating summaries (average, total count) Shop responses include review summaries (total active reviews, top reviews) Summary statistics combine ratings and reviews from related services User activities show combined review and rating history per user Pagination Rules Page numbers are 1-based (first page is page=1) Default page size is 10 items Maximum page size is 100 items Invalid page numbers default to page 1 Invalid page sizes default to 10 Featured Shops Logic Featured shops are randomly selected from all approved, active shops Non-paginated featured endpoint returns up to 20 shops Paginated featured endpoint maintains randomization across requests Featured status can be time-limited (featuredUntil field) Authentication and Authorization Bearer Token Authentication Include the Bearer token in the Authorization header for protected endpoints: Authorization: Bearer your_jwt_token_herechats Required Roles for Admin Operations Shop Approval: Requires ROLE_SUPER_ADMIN or ROLE_STAFF_ADMIN Detailed Shop Access: Shop owner or admin roles Shop Updates: Shop owner only Token Validation Tokens are validated on each request to protected endpoints Expired tokens return 401 Unauthorized Invalid or malformed tokens return 401 Unauthorized Missing tokens on protected endpoints return 401 Unauthorized

~~Value~~	~~Description~~
`ACTIVE`	~~Review is visible and active~~
`HIDDEN`	~~Review is hidden from public view~~
`FLAGGED`	~~Review has been flagged for review~~
`DELETED`	~~Review has been deleted~~

~~Value~~Role	~~Description~~Capabilities
`PENDING`Public	~~Awaiting~~Read ~~admin~~shops, ~~approval~~search, featured, summary stats
Authenticated user	All public + create shop, view own shops
Shop Owner	All authenticated + update own shop, WABA management, view conversations
`ACTIVEROLE_SUPER_ADMIN` / `ROLE_STAFF_ADMIN`	~~Active~~All ~~and~~+ ~~operational~~
`SUSPENDED`	~~Temporarily suspended by admin~~
`CLOSED`	~~Permanently closed/inactive~~
`UNDER_REVIEW`	~~Under admin review for policy violations~~WABA

~~Value~~	~~Description~~
`PHYSICAL`	~~Physical store only (brick-and-mortar)~~
`ONLINE`	~~Online store only (e-commerce)~~
`HYBRID`	~~Both physical and online presence~~

~~Value~~	~~Description~~
`BRONZE`	~~Basic verification (documents verified)~~
`SILVER`	~~Enhanced verification (business registration~~phone + ~~documents)~~
`GOLD`	~~Premium~~/{shopId}/waba/approve ~~verification~~— ~~(full~~admin ~~compliance~~supplies Meta wabaId + ~~good~~phoneNumberId ~~track~~3. ~~record)~~
`PREMIUM`	~~Highest level (partner status + excellent performance)~~

Shop Management

Standard Response Format

Success Response Structure

Error Responseresponses Structure

Standard Response Fields

Endpoints

1. Create Shop

2. Get All Shops (List)

3. Get All Shops (Paginated)

4. Update Shop

5. Get Shop by ID (Summary)

6. Get Shop by ID (Detailed)

7. Get My Shops

8. Get My Shops (Paginated)

9. Approve / Reject Shop

9. Approve Shop

10. Get Featured Shops by Category

11. Get Featured Shops (Paginated)

12. Search Shops

11. Get Shops by Category (Paginated)

12. Get Featured Shops

13. Get FeaturedShop ShopsSummary (Paginated)Stats

14. Get Shop Summary Statistics

14. WABA (WhatsApp Business) Integration

14a. Register WABA

Standard Error Types and Responses

Application-Level Exceptions (400-499)

Server-Level Exceptions (500+)

14b. Approve WABA

14c. Resubmit WABA

14d. Admin Update WABA

14e. Update WABA Status

14f. Toggle AI Chatbot

14g. Get WABA Conversations

14h. Get Session Messages

14i. Get Session Messages by Date Range

Quick Reference

Enums

Error Response Codes

Data Models and Enums

Shop Status EnumSummary

ShopWABA TypeRegistration EnumFlow

Verification Badge Enum

Review Status Enum (from related services)

Business Rules and Logic

Shop Creation Rules

Shop Update Rules

Shop Approval Rules

Access Control Rules

Rating and Review Integration

Pagination Rules

Featured Shops Logic

Authentication and Authorization

Bearer Token Authentication

Required Roles for Admin Operations

Token Validation